Establishing an encrypted data session is vital to protecting the communication between two electronic devices, and a number of encryption algorithms exist for this purpose. To use one, both devices must agree on the same encryption algorithm and must share the corresponding encryption/decryption key. However, in some cases the two devices may be communicating with each other for the first time and may have no encryption protocol or algorithm in common; in that case they also will not share the key that the algorithm requires.
Some conventional methods that allow devices to negotiate an encryption algorithm are limited in that they require the nodes to be capable of performing a common encryption algorithm. If the nodes have no algorithm in common, the negotiation fails. For example, the Telnet protocol's encryption option requires that both parties agree on an encryption algorithm. If the parties have no encryption algorithm in common, the conventional protocol provides no means for the nodes to encrypt the communication.
A second limitation of conventional methods is that even if two devices do have an encryption algorithm in common, they may be unable to agree to use it because the communication protocol does not support that algorithm. For example, the Telnet protocol restricts the types of encryption allowed during a Telnet session: the parties negotiate by passing each other a specific value that identifies an encryption type, and only the types that have been assigned such a value can be selected. Thus, users are unable to select an encryption algorithm that the protocol does not enumerate and may be forced to use an algorithm that is not their best choice.
Thus, one problem with conventional protocols is that two nodes that have an encryption algorithm in common may nevertheless be unable to negotiate its use through the conventional protocol. Another problem is that each node must support an encryption algorithm that the other is also willing to support; otherwise the nodes cannot negotiate the use of encryption via the conventional protocol at all.
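The two limitations described above (no algorithm in common, and a common algorithm that the protocol's fixed table of type codes cannot express) can be made concrete with a small model of a fixed-code negotiation. The following is an added example and is not code from the patent or from any Telnet implementation: the `TYPE_CODES` table is constructed for illustration and is not a copy of any standard's registry, and the message flow (the initiator advertises the codes it supports, the responder picks its preferred one from that list) is a simplification of how such option negotiations work.

```python
"""Simplified model of encryption-type negotiation over a fixed table of type codes.

Added example, not from the original document. The code table, node names and
preference lists below are constructed for illustration only.
"""
from typing import Dict, List, Optional, Tuple

# Constructed table of the encryption types the wire protocol can name.
# An algorithm that has no entry here cannot be advertised at all, even if
# both endpoints implement it; that is the second limitation in the text.
TYPE_CODES: Dict[str, int] = {
    "DES_CFB64": 1,
    "DES_OFB64": 2,
    "DES3_CFB64": 3,
    "DES3_OFB64": 4,
}
CODE_TO_NAME: Dict[int, str] = {code: name for name, code in TYPE_CODES.items()}


class Node:
    """One endpoint with an ordered list of algorithms it can run (most preferred first)."""

    def __init__(self, name: str, algorithms: List[str]) -> None:
        self.name = name
        self.algorithms = list(algorithms)

    def support_message(self) -> List[int]:
        """Build the 'SUPPORT' message: codes for every algorithm we can both run and name.

        Algorithms absent from TYPE_CODES are silently dropped here, which is
        exactly how a common-but-unnamed algorithm gets lost in negotiation.
        """
        return [TYPE_CODES[a] for a in self.algorithms if a in TYPE_CODES]

    def choose(self, offered: List[int]) -> Optional[int]:
        """Responder picks its own most preferred algorithm among the offered codes."""
        for a in self.algorithms:
            code = TYPE_CODES.get(a)
            if code is not None and code in offered:
                return code
        return None


def negotiate(initiator: Node, responder: Node) -> Tuple[str, Optional[str], str]:
    """Run one negotiation; return (outcome, agreed algorithm or None, reason)."""
    offered = initiator.support_message()
    chosen = responder.choose(offered)
    if chosen is not None:
        return ("encrypted", CODE_TO_NAME[chosen], "ok")

    # Failure: distinguish the two limitations the background section describes.
    common = sorted(set(initiator.algorithms) & set(responder.algorithms))
    if common:
        reason = f"common algorithm(s) {common} have no code in the protocol table"
    else:
        reason = "no algorithm in common"
    return ("failed", None, reason)


def run_demo() -> List[Tuple[str, Optional[str], str]]:
    """Three constructed scenarios: success, no common algorithm, common but unnameable."""
    cases = [
        (Node("A", ["DES3_CFB64", "DES_CFB64"]), Node("B", ["DES_CFB64", "DES3_CFB64"])),
        (Node("A", ["DES_CFB64"]), Node("B", ["DES3_OFB64"])),
        (Node("A", ["AES_256_GCM"]), Node("B", ["AES_256_GCM", "DES_CFB64"])),
    ]
    results = []
    for initiator, responder in cases:
        result = negotiate(initiator, responder)
        results.append(result)
        print(f"{initiator.name} -> {responder.name}: {result}")
    return results


if __name__ == "__main__":
    run_demo()
```

Two things worth noticing when running it. First, the responder's preference order decides the outcome in the successful case, so an initiator that wants the stronger of two shared algorithms cannot force it. Second, the negotiation messages themselves are plaintext and unauthenticated in this model, so anything that can alter them in transit can remove codes from the `SUPPORT` list and steer the endpoints to the weakest shared type or to no encryption at all; a real deployment needs the negotiation to be authenticated as well.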